high
7.8
CWE
787
Advisory Published
Updated

CVE-2024-0090: CVE

First published: Thu Jun 13 2024(Updated: )

NVIDIA GPU driver for Windows and Linux contains a vulnerability where a user can cause an out-of-bounds write. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.

Credit: psirt@nvidia.com

Affected SoftwareAffected VersionHow to fix
All of
Any of
NVIDIA GPU Display Driver>=470<475.06
NVIDIA GPU Display Driver>=535<538.67
NVIDIA GPU Display Driver>=550<552.55
NVIDIA GPU Display Driver>=555<555.99
Any of
NVIDIA GeForce
NVIDIA NVS Firmware
NVIDIA Quadro
NVIDIA RTX
NVIDIA Studio
NVIDIA tesla
All of
Any of
NVIDIA GPU Display Driver Linux>=470<470.256.02
NVIDIA GPU Display Driver Linux>=535<535.180.01
NVIDIA GPU Display Driver Linux>=550<550.90.07
NVIDIA GPU Display Driver Linux>=555<555.52.04
Any of
NVIDIA GeForce
NVIDIA NVS Firmware
NVIDIA Quadro
NVIDIA RTX
NVIDIA tesla
All of
Any of
NVIDIA vGPU Software<13.11
NVIDIA vGPU Software>=14.0<16.6
NVIDIA vGPU Software>=17.0<17.2
Any of
Ubuntu
Citrix Hypervisor
Linux Kernel
Microsoft Windows
Red Hat Enterprise Linux Kernel-based Virtual Machine
VMware vSphere
All of
NVIDIA Cloud Gaming<555.99
Microsoft Windows
All of
NVIDIA Cloud Gaming<555.52.04
Any of
Linux Kernel
Red Hat Enterprise Linux Kernel-based Virtual Machine
VMware vSphere
All of
NVIDIA vGPU Software<17.2
Microsoft Azure Stack HCI

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-0090?

    CVE-2024-0090 has a high severity rating due to the potential for code execution and denial of service.

  • How do I fix CVE-2024-0090?

    To fix CVE-2024-0090, update your NVIDIA GPU driver to the latest version available.

  • Which versions of the NVIDIA GPU driver are affected by CVE-2024-0090?

    CVE-2024-0090 affects specific versions of the NVIDIA GPU driver for both Windows and Linux, particularly those below version 475.06 for Windows and 470.256.02 for Linux.

  • What types of issues can result from exploiting CVE-2024-0090?

    Exploiting CVE-2024-0090 can lead to code execution, denial of service, privilege escalation, information disclosure, and data tampering.

  • Is CVE-2024-0090 relevant to NVIDIA GeForce and Quadro products?

    CVE-2024-0090 does not apply to NVIDIA GeForce and Quadro products but rather to specific versions of the NVIDIA GPU driver.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203